{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/266976?format=json","vulnerability_id":"VCID-znj9-9zem-s3c9","summary":"Regular Expression Denial of Service\nA regex in the form of `/[x-\\ud800]/u` causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser.","aliases":[{"alias":"GMS-2020-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/72702?format=json","purl":"pkg:npm/acorn@5.7.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.7.4"},{"url":"http://public2.vulnerablecode.io/api/packages/72703?format=json","purl":"pkg:npm/acorn@6.4.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/72704?format=json","purl":"pkg:npm/acorn@7.1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@7.1.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142321?format=json","purl":"pkg:npm/acorn@5.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573747?format=json","purl":"pkg:npm/acorn@5.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573748?format=json","purl":"pkg:npm/acorn@5.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/573749?format=json","purl":"pkg:npm/acorn@5.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/573750?format=json","purl":"pkg:npm/acorn@5.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573751?format=json","purl":"pkg:npm/acorn@5.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573752?format=json","purl":"pkg:npm/acorn@5.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/573753?format=json","purl":"pkg:npm/acorn@5.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573754?format=json","purl":"pkg:npm/acorn@5.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573755?format=json","purl":"pkg:npm/acorn@5.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/573756?format=json","purl":"pkg:npm/acorn@5.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@5.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/142297?format=json","purl":"pkg:npm/acorn@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4t4e-47cq-2ffx"},{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573758?format=json","purl":"pkg:npm/acorn@6.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573759?format=json","purl":"pkg:npm/acorn@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/573760?format=json","purl":"pkg:npm/acorn@6.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/573761?format=json","purl":"pkg:npm/acorn@6.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/573762?format=json","purl":"pkg:npm/acorn@6.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/573763?format=json","purl":"pkg:npm/acorn@6.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/573764?format=json","purl":"pkg:npm/acorn@6.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/573765?format=json","purl":"pkg:npm/acorn@6.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573766?format=json","purl":"pkg:npm/acorn@6.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573767?format=json","purl":"pkg:npm/acorn@6.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573768?format=json","purl":"pkg:npm/acorn@6.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/573769?format=json","purl":"pkg:npm/acorn@6.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573770?format=json","purl":"pkg:npm/acorn@6.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@6.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/142296?format=json","purl":"pkg:npm/acorn@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4t4e-47cq-2ffx"},{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@7.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/573757?format=json","purl":"pkg:npm/acorn@7.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9eyp-2a6k-xya4"},{"vulnerability":"VCID-znj9-9zem-s3c9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/acorn@7.1.0"}],"references":[{"reference_url":"https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-ACORN-559469","reference_id":"","reference_type":"","scores":[],"url":"https://snyk.io/vuln/SNYK-JS-ACORN-559469"},{"reference_url":"https://www.npmjs.com/advisories/1488","reference_id":"","reference_type":"","scores":[],"url":"https://www.npmjs.com/advisories/1488"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znj9-9zem-s3c9"}